Dynamo

JDW

27 Jan 2017, 1:53 am

Redirect IE6/7/8 via .htaccess

Currently I am using this code in my .htaccess file:

    # Enable Rewrite feature:
RewriteEngine On

    # Redirect IE6/7/8 users to "OUTDATED BROWSER" site:
RewriteCond %{HTTP_USER_AGENT} "MSIE [6-8]" [NC]
RewriteRule ^(.*)$ <http://outdatedbrowser.com/ja> [R,L]

It works great when the user types our domain in the browser address bar or otherwise comes to our site via HTTP link. However, if I type “https://” and then our domain into the address bar and hit return, the redirect does not work.

I tried the following code, but it does NOT resolve the problem:

    # Redirect IE6/7/8 users to "OUTDATED BROWSER" site:
RewriteCond %{HTTP_USER_AGENT} "MSIE [6-8]" [NC]
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ <http://outdatedbrowser.com/ja> [R,L]
RewriteCond %{HTTP_USER_AGENT} "MSIE [6-8]" [NC]
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ <http://outdatedbrowser.com/ja> [R,L]

Why redirect? Because I am using Let’s Encrypt to give us HTTPS now, and when someone comes to our site using IE8 (for example), they get a security certificate domain mismatch error screen that gives the impression our site is suspicious. That happens because IE8 is incompatible, but I would prefer to redirect those folks to a friendly “update your browser” page.

So once again, the problem (no redirect) only occurs when someone specifically types “https://” and then the domain into the address bar of the browser and hits return. I want to redirect all IE6/7/8 users regardless of how they type our domain (with HTTP or with HTTPS).

Any thoughts?

Thanks,

James W.

JDW

27 Jan 2017, 8:15 am

Based on what I’ve been able to Google, it would appear that the main problem is that the HTTPS handshake occurs before my .htaccess file fires. It also appears that the root cause of the silly IE8 domain mismatch error is the fact that I am on a hosted server, regardless of the fact my site has a dedicated IP address.

So for now, there seems to be nothing I can do. I don’t really care about IE8 anymore. But the fact remains that people who use that browser trying to come to our site via HTTPS link will get that scary error page and think something is fishy about our site. That’s not really the impression I’d like to give, even to those stubborn old timers who refuse to update their browser. But oh well!

—James W.